AI Privacy Is Possible: What Proton’s CEO Says About Keeping Your Data Safe

You type a question into ChatGPT, Gemini, or Copilot, and within seconds you get a useful answer. It feels like magic — but there’s a catch. Every query you send often ends up stored, analyzed, or even used to train the next version of the model. For a growing number of users, that trade-off between convenience and privacy is becoming harder to accept.

Proton, the company behind Proton Mail and Proton VPN, has been pushing back against that trade-off for years. In a recent interview with Spiceworks, Proton’s CEO reiterated that privacy in the AI era is not only possible but necessary. He also shared one specific concern that keeps him up at night — and it’s probably something you’ve wondered about too.

What happened

Andy Yen, Proton’s co-founder and CEO, spoke with Spiceworks about the company’s approach to AI. Proton has been rolling out AI features like Proton Scribe (an AI writing assistant) and AI-powered search in Proton Drive — but with a key difference from Big Tech offerings: end-to-end encryption.

Yen argued that it is technically feasible to run useful AI models without seeing your data in plaintext. Proton’s AI features are designed so that the processing happens on encrypted data, and even Proton itself cannot read the content of your emails or files.

What bothers him most, he said, is the widespread practice of using user data to train AI models without explicit, meaningful consent. Many popular AI services collect chat histories and use them to improve their systems, often with an opt-out buried in settings. Most people don’t realize their conversations are being harvested.

Why it matters

For the average person using ChatGPT or Gemini, the privacy implications are real. Every prompt you enter — be it a draft email, a personal question, or a work problem — becomes data that the company can potentially store, share, or train on. That matters because:

  • Data can leak. Several incidents have shown that AI models can accidentally reveal training data, including personal information.
  • You lose control. Once your data is fed into a training set, it’s nearly impossible to remove it completely.
  • Consent is often not clear. “Improving the service” sounds benign, but it can mean your conversations are used to train future models without your explicit permission.

Yen’s point is that this isn’t an inevitable side effect of AI. It’s a design choice. Companies like Proton are showing that you can offer useful AI features while still respecting user privacy — if you commit to end-to-end encryption and data minimization from the start.

Of course, there are caveats. Full end-to-end encryption for large language models is still a developing area. Not every AI task can be done securely yet, and there may be trade-offs in accuracy or speed. But the direction is clear: privacy-respecting AI is feasible, and consumers should demand it.

What readers can do

You don’t have to wait for the entire industry to change. Here are concrete steps you can take today to reduce your data exposure when using AI tools.

  1. Check whether your conversations are being used for training. In ChatGPT, go to Settings → Data Controls and turn off “Improve the model for everyone.” In Gemini, look for “Activity & Settings” and disable the toggle that allows your data to be used for model training. For Copilot, Microsoft’s enterprise version may have different policies, but the consumer version often uses your data to improve the service — review the privacy dashboard.

  2. Use privacy-focused alternatives. Proton Scribe (available with a paid Proton plan) runs with end-to-end encryption. There are also local AI tools like Ollama or LM Studio that run entirely on your own device — no data ever leaves your laptop. For simple tasks, these can be surprisingly capable.

  3. Be selective about what you paste into public AI services. Assume anything you send to a free AI chat tool could be seen by humans (for moderation or review) or stored indefinitely. Don’t share sensitive personal information, passwords, or confidential work data.

  4. Read the privacy policy — at least the part about AI training. Look for phrases like “use to improve our services,” “training data,” or “anonymized.” If the policy is vague, consider the service a risk.

  5. Consider running AI locally when you can. On a modern laptop or desktop, you can run models like Llama 3 or Mistral for everyday questions, summarization, and writing help. The quality isn’t always as high as GPT-4, but it’s improving fast, and your data stays with you.

  6. Keep an eye on regulation. In 2026, the EU’s AI Act is expected to impose stricter rules on how AI companies handle training data. Similar laws are emerging in several U.S. states. These changes may force mainstream providers to offer stronger privacy options, but it will take time.

Sources

The primary source for this article is the Spiceworks interview with Andy Yen, published June 4, 2026: “Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night.” Additional details about Proton’s AI features come from Proton’s official documentation and public announcements. For policy settings, refer to the respective help pages of OpenAI, Google, and Microsoft.

Privacy in the AI era isn’t a contradiction. It’s a choice — and you can start making better ones today, even while using the same tools you already rely on.